Internet of Things

Internet Society Panel: The I in IoT – Implications for a Global Open Internet

Will deployment of Internet of Things (IoT) systems affect the open, global nature of the Internet? That was the topic of a panel discussion sponsored by the Internet Society and held in conjunction with IETF 97 in Seoul, South Korea.

Moderated by Olaf Kolkman, Chief Internet Technology Officer for ISOC, the panel explored the implications of IoT systems on the Internet itself. Panelists included Hannes Tschofenig of ARM Limited, Carsten Bormann of Karlsruhe Institute of Technology, Erica Johnson of the University of New Hampshire’s InterOperability Lab, Juan Carlos Zuniga of SIGFOX, and Michael Koster of the IoT Council.

Kolkman introduced the discussion by pointing out that the Internet is a global, general-purpose network that is accessible to all. He noted that the Internet is unique because it features permissionless innovation, which means anyone can deploy a new application. Further, the Internet is based on interoperability, mutual agreement, and collaboration. Two other important aspects of the Internet are that it has reusable building blocks as its foundation and that it is constantly evolving, with no permanent favorites in terms of technology and business. Kolkman called these features “Internet invariants”.

Kolkman asked the five panelists the following question: “What are the implications of autonomous, always-on, connected, and often constrained devices on the global Internet from the perspective of the Internet invariants?”

Overall, panelists expressed concern that weak IoT deployments would denigrate the Internet’s overall interoperability and accessibility. Further, they worried that problems with the performance or security of IoT devices could lead to additional government regulation, which would likely change the Internet’s spirit of mutual agreement and collaboration.

“I think what we’re looking at is a lack of confidence in IoT,” Koster said. “The failures in confidence are the failures of integrity. What this requires is a clear notion of data ownership and a clear notion of where the policy control comes from.”

Koster added that IoT represents a new paradigm for the Internet. Previously, the Internet depended on the deployment of a few extremely large websites. “Connected things are not going to get that much benefit from connecting to a massive website,” he said. “Instead, connected things are going to drive scale at the edge of the networks.”

Zuniga explained that IoT applications have been deployed successfully in industrial environments for years, but what’s new is the range of consumer devices being connected to the Internet. “These are super-constrained, low-complexity devices,” he said. “We need to be able to run generic IP services. I think this is key.”

Bormann pointed out that IoT may result in government regulation of Internet-connected devices, which could affect the permissionless innovation aspect of the Internet. “Users may have the responsibility to run the Internet things responsibly,” he said. “If I have a car, I have the responsibility to get the brakes fixed. That may be the kind of economic change that is coming up.”

The regulations may not be all bad, he added. “When I go to a restaurant, I like that regulations mean that I’m not going to be poisoned,” he said. “Things like UL Certification in the United States is something that will have to happen so that we have an understanding of what we would like these devices to do. As engineers, our end product is not technology; it is confidence.”

Johnson said her lab has been conducting interoperability testing for several IoT providers, who are struggling with interoperability through home gateways and various access technologies. “They want to give their customers the user confidence and assurance about interoperability,” she said.

One concern Johnson noted is that these IoT vendors don’t seem to care about IPv6, the next-generation Internet Protocol that is critical to maintaining the open, end-to-end nature of the Internet.

“We have an opportunity to help educate the companies that are producing these products,” she said. “By expanding IPv6 forums to include an IoT logo, we might be able to help give them that user confidence and assurance. We would include the most basic RFPs including 6LoWPAN. We would provide the tools and test specifications… to make it readily available and cost-effective to ensure interoperability.”

Tschofenig agreed that the IETF has an opportunity to provide open source protocol stacks to IoT developers to ensure that they meet the standards-based interoperability feature of the Internet.

“At ARM, we have an operating system, protocol stacks and security stacks. Hopefully IoT developers will be encouraged to use them, rather than write their own and introduce lots of security vulnerabilities into the architecture,” he said.

The panelists agreed that the IETF and other standards bodies have been working on interoperable building blocks for IoT deployments, but that incompatibility remains a problem.

“The challenge has been to get [the standards] into the hands of the developers and have the developers implement them. The developers don’t know how to use them,” Tschofenig said.

Koster pointed out that there is a lot of fragmentation in the IoT standards space. “Lots of bodies are working on essentially overlapping and competing standards, and that has moved up to the data model space,” he said, adding that it is important for the IETF to work with other standards bodies to converge on a single set of IoT standards.

Bormann noted that both small and large companies are struggling with deploying IoT standards, but for different reasons. He says small companies often aren’t educated about the importance or availability of interoperability standards. “We need to show people what’s out there so they don’t start building products with extremely shoddy protocols that are going to hurt them in the long run,” he said. “At the other end of the spectrum, very large companies are seeing a way to build little monopolies and are not that interested in building a common substrate.”

Bormann said he would like to see more open source offerings for developers that are essentially “IoT in a box”.

Tschofenig added that what’s needed are not only open source operating systems, IP stacks, and security, but also device management solutions. This will make it easier for IoT startups to create new products with solid IP deployments.

One outstanding issue is who will maintain IoT devices in the field. Panelists said that standards would allow third-party vendors to enter this market.

“If I hire someone to fix my car, they have to know how to handle my tires. There are standards in that space that make it relatively straightforward to handle different kinds of tires,” Bormann explained. “So standard device management solutions and the security concepts required to make this work are really important to allow these companies to exist.”

At the end of the discussion, Kolkman summarized that it appears the Internet invariants continue to matter in IoT deployments and that it is the responsibility of Internet stakeholders, including the IETF, to support these features as IoT evolves.